CVE-2016-9879: Spring Security 3.2.10, 4.1.4, 4.2.1 Released

On behalf of the community, I’m pleased to announce the release of Spring Security 3.2.10, 4.1.4, and 4.2.1 which fix CVE-2016-9879. Users are encouraged to update immediately.

It is important to note that Spring Framework 3.2.x has reached EOL. As with Spring Framework, we expect all users to upgrade to 4.2.1+ for further support. Detailed instructions (including samples) on migrating both XML and Java Config based projects can be found in the reference appendix

Read more...

Spring LDAP 2.2.1 & 2.3 RC1 Released

On behalf of the community, I’m pleased to announce the release of Spring LDAP 2.2.1 and 2.3 RC1.

A special thanks to Mark Paluch for getting spring-data-ldap aligned on the Spring Data side!

Spring LDAP 2.3 RC1

This release brings in a new era for Spring Data compatibility. Integration for Spring LDAP and Spring Data has been moved to spring-data-ldap so that it can partake in the Spring Data release train and ensure compatibility with the latest and greatest Spring Data code base. For additional details refer to the changelog

Read more...

Spring Tool Suite 3.8.3 released

Dear Spring Community,

I am happy to announce the 3.8.3 release of the Spring Tool Suite, our Eclipse-based tooling.

STS 3.8.3 focuses on adopting Eclipse Neon.2 and fixing existing issues. The list of changes include:

  • Updated to Eclipse Neon.2
  • Added support for one-time passcode for Cloud Foundry targets in the Spring Boot Dashboard
  • Added support for WAR packaging of Spring Boot apps when deploying them to CF in the Spring Boot Dashboard
  • Added support for health-check in Cloud Foundry manifest files
  • Fixed a number of most-reported errors from the automated error reporting
  • and more...
Read more...